CVE-2019-9506: The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from…

high8.1CVSS 3.1

AVAACLPRNUINSUCHIHAN

The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an attacker from influencing the key length negotiation. This allows practical brute-force attacks (aka "KNOB") that can decrypt traffic and inject arbitrary ciphertext without the victim noticing.

Affected

150 ranges· showing 25

Vendor	Product	Version range	Fixed in
apple	ios	—	—
apple	iphone_os	—	—
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	mac_os_x	—	—
apple	macos_mojave_10.14.6_security_update_2019-004_high_sierra_security_update_2019-0	—	—
apple	tvos	—	—
apple	tvos	—	—
apple	watchos	—	—
apple	watchos	—	—
bluetooth	br_edr	5.1 – 5.1	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
canonical	ubuntu_linux	—	—
debian	debian_linux	—	—
debian	linux	< linux 5.2.6-1 (bookworm)	linux 5.2.6-1 (bookworm)
google	android	—	—
huawei	alp-al00b_firmware	< 9.1.0.333\(c00e333r2p1t8\)	9.1.0.333\(c00e333r2p1t8\)
huawei	ares-al00b_firmware	< 9.1.0.160\(c00e160r2p5t8\)	9.1.0.160\(c00e160r2p5t8\)
huawei	ares-al10d_firmware	< 9.1.0.160\(c00e160r2p5t8\)	9.1.0.160\(c00e160r2p5t8\)
huawei	ares-tl00c_firmware	< 9.1.0.165\(c01e165r2p5t8\)	9.1.0.165\(c01e165r2p5t8\)
huawei	asoka-al00ax_firmware	< 9.1.1.181\(c00e48r6p1\)	9.1.1.181\(c00e48r6p1\)
huawei	atomu-l33_firmware	< 8.0.0.147\(c605custc605d1\)	8.0.0.147\(c605custc605d1\)
huawei	atomu-l41_firmware	< 8.0.0.153\(c461custc461d1\)	8.0.0.153\(c461custc461d1\)
huawei	atomu-l42_firmware	< 8.0.0.155\(c636custc636d1\)	8.0.0.155\(c636custc636d1\)

CVSS provenance

nvdv3.18.1HIGHCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

osv8.1HIGH